Jump to content

We've got company!


XTreme

Recommended Posts

I've noticed over the past few days that we've had a lot more IP addresses visiting the site than normal. And I mean hundreds more showing in "Who's Online".

After I did some traces it appears they all come from your-server.de. This is the standard default reverse-DNS entry for servers rented from Hetzner, so that domain name isn't anything to do with the scraping.

Basically, It's the person renting that server that we need to identify. There's just too many IP's to blacklist and they're across too many different IP ranges to pin them down.

And even if I blocked them (which would be a long job) they'd probably just switch to different IP's. I can't block all hetzner servers either cos I'd be blocking legitimate traffic as well.

The numbers at present don't cause any problem other than wasting our bandwidth, but it's something that I'll need to monitor because I don't want it escalating into something like a DDoS attack.

If you didn't understand any of that, let me summarise:

Somebody has an unusual interest in this site. And when this sort of thing happens their intentions are never good.

@Tym.......time to Lock'n'Load!

  • Sad 1
Link to comment
Share on other sites

IP can be spoofed anyway, you can block ping backs and even partition ip blocks if you choose, this would mitigate a ddos attack.

Link to comment
Share on other sites

Just now, Buckster said:

IP can be spoofed anyway, you can block ping backs and even partition ip blocks if you choose, this would mitigate a ddos attack.

Definitely all Hetzner.......their cheap and nasty services attract a certain kind of user.

If they were specific blocks it would be easy enough......but they're not.

I have processes in place to mitigate if it becomes a problem but we're a long way from that.

Link to comment
Share on other sites

11 hours ago, XTreme said:

I've noticed over the past few days that we've had a lot more IP addresses visiting the site than normal. And I mean hundreds more showing in "Who's Online".

After I did some traces it appears they all come from your-server.de. This is the standard default reverse-DNS entry for servers rented from Hetzner, so that domain name isn't anything to do with the scraping.

Basically, It's the person renting that server that we need to identify. There's just too many IP's to blacklist and they're across too many different IP ranges to pin them down.

And even if I blocked them (which would be a long job) they'd probably just switch to different IP's. I can't block all hetzner servers either cos I'd be blocking legitimate traffic as well.

The numbers at present don't cause any problem other than wasting our bandwidth, but it's something that I'll need to monitor because I don't want it escalating into something like a DDoS attack.

If you didn't understand any of that, let me summarise:

Somebody has an unusual interest in this site. And when this sort of thing happens their intentions are never good.

@Tym.......time to Lock'n'Load!

be on your guard people ?

Link to comment
Share on other sites

 @XTreme only just seen this , good work last thing we need is a DDoS attack, did you block with a  22 RRTG  rogue PP ?

  would recommend  doing a Sargnet 587 run on our system as well , just to be on the safe side ?

you need any help let me know.

  • Haha 1
Link to comment
Share on other sites

4 minutes ago, Six30 said:

 @XTreme only just seen this , good work last thing we need is a DDoS attack, did you block with a  22 RRTG  rogue PP ?

  would recommend  doing a Sargnet 587 run on our system as well , just to be on the safe side ?

you need any help let me know.

I knew I could count on you to have my back Six!

I'll get on the Sargnet 587 straight away.....that'll sort these annoying cunts out! :littleguy:

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

Privacy Policy